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In the Claims 

The following listing of the claims replaces all previous listings. 

1 . (Currently Amended) A method for preventing overrun of an input data buifer within a 
program having the input data buffer on a stack data structure, the program executing on a 
computing systemj the method comprising: 

pushing all arguments to a function onto the stack data stmcture; 

pushing a return address onto the stack data structure for use m obtaining [[the]] a 
memory address for [[the]] an instruction to be executed upon completion of the function; 

pushing onto the stack data structure a secinity token, the security token compri s oc 
comprising a randomly generated data value; 

allocalitig memory locations on the stack data structure for use as local variables within 
the function; 

completing [[the]] instructions within the fimction; 
retrieving the security token value firom the stack data structure; and 
if the retrieved security token value is identical to the randomly generated data value, 
returning from the function using die return address stored on the stack data structure, 

2. (Currently Amended) The method according to claim 1, wherein the method fiirther 
comprises aborting [[the]] operation of the program if the retrieved security token value is not 
identical to the randomly generated data value. 

3. (Original) The method according to claim 1 , wherein the randomly generated data value 
is detemiined using a random number generator once each time the program is executed. 

4. (Original) The method according to claim 3, wherein the random number generator 
generates the randomly generated data value using a snapshot of a system clock within the 
computing system obtained before the program first accepts input data, 

5. (Original) The method according to claim 1. wherein the function comprises a subroutine 
that does not return a data value, 
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6. (Original) The method according to claim 1. wherein the function comprises a subroutine 
that does retvims one or more data values. 

7. (Currently Amended) An apparams for preventing overrun of an input data buffer within 
a program having the input data buffer on a stack data stmcture. the program e?cecutinRona 
<>jYmputiTi p system, the apparatus comprising: 

a fonotion call module placing arguments to a fimction and a return address onto the stack 

data structure; 

a push security token module placing onto the stack data stmcture a security token, the 
security token e^qprises seiBEiaaag a randomly generated data value; 

a perform function module perfonning [[the]] operations within the fimotion. the perform 
function module aHeeates allocating memory locations on the stack data structure for use as the 
input data buffer, 

a pop security token module retrieving the security token from the stack data structare 
upon completion of [[the]] operation of the perfbim function module;[[.]] 

a test module comparing the retrieved security token with the randomly generated data 

value; and 

a complete fimction module completing [[tlie]] operations of the function; 
wherein the complete function module returns from the function if the retrieved security 
token is determined to be identical to the randomly generated data value by the test module. 

8. (Currently Amended) The apparatus accorxKng to claim 7, wherein the complete fimction 
module aborts [[the]] operation of ihe program if the retrieved security token is detennmed not to 
be identical to the randomly generated data value by the test module. 

9. (Original) The apparatus according to claim 8, wherein the randomly generated data 
value is determined using a random number generator module once each time the program is 
executed. 
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10. (Original) The apparatus according to claim 9, wherein the random number generator 
module generates the randomly generated data value using a snapshot of a system clock within 
the computing system obtained before the program first accepts input data. 

1 1 . (Original) The apparatus according to claim 9, wherein the function comprises a 
subroutine that does not return a data value, 

12. (Original) The apparatus according to claim 9, wherein the function comprises a 
subroutine that does returns one or more data values, 

13. (Currently Amended) A computer program product readable by a computing system and 
encoding a set of computer instructions implementing a method for preventing ovemm of an 
input data buffer within a program having the input data buffer on a stack data structure, the 
program executing on a computing system, the method comprising: 

pushing a return address onto the stack data structure for use in obtaining [[the]] a 
memory address for [[the]] an instruction to be executed upon completion of [[the]] a function; 

pushing onto the stack data structure a security token, the security token oomprifies 
comprising a randomly generated data value; 

completing the instructions within the function; 

retrieving the security token value from the stack data structure; 

if the retrieved security token value is identical to the randomly generated data value, 
returning from the function using the return address stored on the stack data structxjre. 

14. (Cuixently Amended) The computer program product according to claim 13, wherein the 
method further comprises aborting [[the]] operation of the program if die retrieved security token 
value is not identical to the randomly generated data value, 

15. (Original) The computer program product according to claim 13, wherein the randomly 
generated data value is determined using a random number generator once each time the program 
is executed. 
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16. (Original) The computer program product according to claim 15, wherein the random 
number generator generates the randomly generated data value using a snapshot of a system 
clock within the computing system obtained before the program first accepts input data, 

17. (Currently Amended) The method computer program product according to claim 13, 
wherein the function comprises a subroutine that does not return a data value. 

1 8- (Currently Amended) The method computer program product according to claim 13, 
wherein the function comprises a subroutine that does returns one or more data values. 

19. (Currently Amended) [[A]] The computer program product[[J] according to claim 13, 
wherein the computer data product comprises a set of computer instructions encoded and stored 
onto a computer-readable storage medium, 

20. (Currently Amended) [[A]] The computer program product[[J] according to claim 13, 
wherein the computer data product comprises a set of computer instructions encoded within a 
carrier wave for transmission between computing systems. 
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